1. INTRODUCTION OF CRYPTOGRAPHY
An original message is known as the plaintext, while the coded message is called the ciphertext. The process
of converting from plaintext to ciphertext is known as enciphering or encryption; restoring the plaintext
from the ciphertext is deciphering or decryption. The many schemes used for encryption constitute the
area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher.
Techniques used for deciphering a message without any knowledge of the enciphering details fall into the
area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking the code.” The areas of
cryptography and cryptanalysis together are called cryptology.
There are five primary functions of cryptography today:
1. Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
2. Authentication: The process of proving one's identity.
3. Integrity: Assuring the receiver that the received message has not been altered in any way from the
original.
4. Non-repudiation: A mechanism to prove that the sender really sent this message.
5. Key exchange: The method by which crypto keys are shared between sender and receiver.
In cryptography, we start with the unencrypted data, referred to as plaintext. Plaintext is encrypted
into ciphertext, which will in turn (usually) be decrypted into usable plaintext. Encryption and
decryption are based upon the type of cryptography scheme being employed and some form of key. For those
who like formulas, this process is sometimes written as:
C = Ek(P)
P = Dk(C)
where P = plaintext, C = ciphertext, E = the encryption method, D = the decryption method, and k = the
key.
Figure 1: Three types of cryptography: secret key, public key, and hash function.
A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers
or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit
patterns with ciphertext bit patterns. Different types of encryption techniques are listed and described
below.
A. Caesar’s Cipher
B. Playfair Cipher
C. Keyword Cipher
D. Vigenere (Polyalphabetic) Cipher
E. One Time Pad (Vernam Cipher)
A. Caesar’s Cipher
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further
down the alphabet. For example,
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
The alphabet is wrapped around, so that the letter following Z is A. We can define the transformation by
listing all possibilities, as follows:
Computer Network Security Chapter 3: Cryptography and Public key Infrastructure
To do the decryption, for each ciphertext letter C, substitute the plaintext letter p:
p = D(3, C) = (C - 3) mod 26
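An added example (not part of the original notes): the Caesar shift written for any key k rather than only 3, using the letter numbering a = 0 ... z = 25 that the decryption formula implies. The function names are this example's own.

```python
import string

ALPHABET = string.ascii_lowercase  # a = 0, b = 1, ..., z = 25


def _shift(text: str, k: int) -> str:
    """Move every letter k places along the alphabet, wrapping Z back to A."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def caesar_encrypt(plaintext: str, k: int = 3) -> str:
    """C = E(k, p) = (p + k) mod 26; ciphertext shown in upper case."""
    return _shift(plaintext, k).upper()


def caesar_decrypt(ciphertext: str, k: int = 3) -> str:
    """p = D(k, C) = (C - k) mod 26; plaintext shown in lower case."""
    return _shift(ciphertext, -k)


if __name__ == "__main__":
    sample = "meet me after the toga party"  # the sample from the notes
    print(caesar_encrypt(sample))
    print(caesar_decrypt(caesar_encrypt(sample)))
```

Because the arithmetic is mod 26, a key of 29 produces the same ciphertext as a key of 3, so only 25 distinct non-trivial keys exist.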
The receiver, after receiving the encrypted data and the signature on it, first verifies the signature using the
sender's public key. After ensuring the validity of the signature, he then retrieves the data through decryption
using his private key.
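An added example (not part of the original notes) of the order described above: the receiver checks the signature on the encrypted data first and decrypts only if it is valid. It assumes textbook RSA without padding and toy keys built from Mersenne primes, which is suitable for illustration only; all names and key values are constructed for this example.

```python
import hashlib

E = 65537  # public exponent shared by both constructed key pairs


def make_key(p: int, q: int):
    """Return (modulus, private exponent) for a toy RSA key."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return n, d


# Constructed toy keys: never use textbook RSA or keys this small for real data.
SENDER_N, SENDER_D = make_key(2**61 - 1, 2**89 - 1)
RECEIVER_N, RECEIVER_D = make_key(2**107 - 1, 2**127 - 1)


def digest(ciphertext: int, n: int) -> int:
    """SHA-256 of the encrypted data, reduced to fit the signing modulus."""
    raw = ciphertext.to_bytes((ciphertext.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % n


def send(data: bytes):
    """Sender: encrypt for the receiver, then sign the encrypted data."""
    m = int.from_bytes(data, "big")
    if m >= RECEIVER_N:
        raise ValueError("message too long for this toy modulus")
    ciphertext = pow(m, E, RECEIVER_N)            # receiver's public key
    signature = pow(digest(ciphertext, SENDER_N), SENDER_D, SENDER_N)  # sender's private key
    return ciphertext, signature


def receive(ciphertext: int, signature: int) -> bytes:
    """Receiver: verify with the sender's public key, then decrypt."""
    if pow(signature, E, SENDER_N) != digest(ciphertext, SENDER_N):
        raise ValueError("invalid signature: data rejected before decryption")
    m = pow(ciphertext, RECEIVER_D, RECEIVER_N)   # receiver's private key
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    c, s = send(b"meet me after the toga party")
    print(receive(c, s))
```

Altering the ciphertext after it has been signed makes `receive` raise before the private key is ever applied to the data.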
Key Management
There are some important aspects of key management, which are as follows −
Cryptographic keys are nothing but special pieces of data. Key management refers to the secure
administration of cryptographic keys.
Key management deals with the entire key lifecycle, as depicted in the following illustration −
There are two specific requirements of key management for public key cryptography.
o Secrecy of private keys. Throughout the key lifecycle, secret keys must remain secret from
all parties except those who are the owners and are authorized to use them.
o Assurance of public keys. In public key cryptography, the public keys are in open domain and
seen as public pieces of data. By default there are no assurances of whether a public key is
correct, with whom it can be associated, or what it can be used for. Thus key management
of public keys needs to focus much more explicitly on assurance of purpose of public keys.
The most crucial requirement of ‘assurance of public key’ can be achieved through the public-key
infrastructure (PKI), a key management system for supporting public-key cryptography.
As shown in the illustration, the Certifying Authority (CA) accepts the application from a client to certify his
public key. The CA, after duly verifying the identity of the client, issues a digital certificate to that client.
Revocation of Certificates − At times, the CA revokes an issued certificate for some reason, such as
compromise of the private key by the user or loss of trust in the client. After revocation, the CA maintains a
list of all revoked certificates that is available to the environment.
There are four typical classes of certificate −
Class 1 − These certificates can be easily acquired by supplying an email address.
Class 2 − These certificates require additional personal information to be supplied.
Class 3 − These certificates can only be purchased after checks have been made about the
requestor’s identity.
Class 4 − They may be used by governments and financial organizations needing very high levels of
trust.